ClamAV/ClamWin should be able to support any MD5 and SHA hashes, as far as I know.

I am not sure what you are trying to ask, though, there is only 1 type of MD5 hash.

GuitarBob

Joined: 09 Jul 2006

Posts: 4316

Location: USA

Posted: Thu Oct 01, 2015 4:17 pm

If you want the md5 hash of clamwin, scan the file (exe or whatever) on Virus Total and look at the detail.

As far as I know--based on information from 3 years ago, Clam AV (and therefore ClamWin) used the MD5 official hash although there was some support for SHA. I could get ClamWijn to detect a SHA signature hash but Clam's submission interface could not process the SHA signature. SHA is standard for most AVs, so Clam should support it by now. For me, MD5 is still okay the way Clam AV uses it--they pair the MD5 with file size, which is pretty secure.

Regards,

Jef_uk

Joined: 01 Oct 2015

Posts: 6

Location: UK

Posted: Thu Oct 01, 2015 7:59 pm

Sorry I meant what is the check-sum so I can verify the download has not been tampered with?

As in its normally on the website somewhere please can some one tell me where as I could not locate it.

GuitarBob

Joined: 09 Jul 2006

Posts: 4316

Location: USA

Posted: Thu Oct 01, 2015 11:16 pm

I don't recall ClamWin ever ousing a checksum. I suggest that you upload the install file to Virus Total and verify it that way.

Debian do it for whole DVDs.
http://cdimage.debian.org/debian-cd/8.2.0/amd64/bt-dvd/SHA512SUMS

GuitarBob

Joined: 09 Jul 2006

Posts: 4316

Location: USA

Posted: Fri Oct 02, 2015 3:19 pm

You can't do it then. As for why no MD5 for ClamWin, I don't know. It is basically a massaged version of the Clam AV code. It only goes through the hands of the 2 developers, and is then beta tested for a couple of weeks--any significant problem would probably be found.

I guess you could send each executable as installed to Virus Total.

Regards,

Jef_uk

Joined: 01 Oct 2015

Posts: 6

Location: UK

Posted: Sat Oct 03, 2015 8:10 pm

OK I'm going to assume that snort has detected a virus has been in been added in the setup file; and it is not a false positive; for the current version.